Jump to content
Tuts 4 You

[keygenme] -hassh #2-

Ufo-Pu55y

By Ufo-Pu55y
in KeygenMe

 Share

Recommended Posts

Ufo-Pu55y

Ufo-Pu55y

Posted
Posted (edited)

Hi,

here's level 2: KeygenMe__hASSh__2_.rar

Fishing/Selfkeygenning/loveing : 0 points

Ripping : 1 point

Recognizing&Owning : 1337 pointz

If you're after 0 or 1 point, it's easy like ****. Again nothing protected or hidden.

Just a naked row of instructions. But if you're after the full win, this one might be a small bitch.. dunno.

Have phun :happy:

Edited by Ufo-Pu55y
Link to comment
Share on other sites
Ufo-Pu55y

Ufo-Pu55y

Posted
  • Author
Posted (edited)

A selfkeygen (0 points.. cough) with one JNZ to JMP and some NOPs... ok.

But why this weird overlay :? :blink: Trying to hide what ? ^^

If your overlay saves it to C:\ packed with FSG, then you shouldn't at least forget to

delete it afterwards. Or maybe better save it to TEMP folder..

Edited by Ufo-Pu55y
Link to comment
Share on other sites
TGunner54

TGunner54

Posted
Posted

Oh... lol i was seeing if you would notice if it was a keygen or Self-Keygen xD i packed it with FSG and used D1S1G to make it look like UPX :blush:

idk what D1S1G does.... i guess it extracts to C:\ then o.o?

Link to comment
Share on other sites
Ufo-Pu55y

Ufo-Pu55y

Posted
  • Author
Posted (edited)
I hope this is worth atleast 1 point...... :P
Ofc :crazy:

But your code really made me wonder. For example you got some lstrcat in there and other

weird stuff.. nearly looked like obfuscation to me :?

The trick is to get a hasher which does them all. I got 2 hash functions in there.

The 2nd is CRC16 - PEiD might have told you. So I got 2 main hash calls.. each with

some parameters: ptrInput, ptrOutput and 1 or more init values.

Maybe it was mean not to use usual inits. So you would first need to look up, what

the inits might 'usually' be and try a call with such init. After that compare the output string

with the outputs of a hasher to recognize the type of hash...

I don't want to name the 1st hash, yet.. but for both calls I only changed 1 BIT in the inits :)

Edited by Ufo-Pu55y
Link to comment
Share on other sites
DrPepUr

DrPepUr

Posted
Posted

I have no idea what the first hash is, I couldnt ever figure it out. I ripped the one out of the keygenme and used the lstrcat to set up the buffer.......Im sure it would have been easier if I could have figured out the first hash..........so I made the best of it.........oh well I tried....

Link to comment
Share on other sites
Loki

Loki

Posted
Posted

Had a busy weekend but hoping to take a look at this early next week :)

Hoping I dont get owned by this one :)

Link to comment
Share on other sites
Loki

Loki

Posted
Posted

You're going to have to put me out of my misery on this one mate :)

Easily rippable of course, but I'm really not sure what that other hash is. :s

Link to comment
Share on other sites
Loki

Loki

Posted
Posted

UFO told me what the hash is.... for all those as confused as I was, it isnt some 'completely' obscure hash. It is however, not one of the more commmonly implemented one.

Good luck syk071c :)

Link to comment
Share on other sites
DrPepUr

DrPepUr

Posted
Posted

Well I don't feel half as bad now for having a hard time with this............Would some one care to enlighten me ?

Link to comment
Share on other sites
ChupaChu

ChupaChu

Posted
Posted

Besides hashing the algo is simple and easy to own.

Whats hashing conserned; it needs time to trace it and understand it; i just dont have time for it at the time being.

nice crackme, UFO!

BR, ChupaChu!

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...